Security concerns cloud holiday shopping
New survey reveals consumer fears about data privacy, ID theft and online fraud
Computerworld - The big increase in online sales expected this holiday shopping season comes amid what appears to be unprecedented consumer concerns over data privacy, online fraud and identity theft.
The results of a new survey of 1,005 consumers released today shows that while 78% of U.S. Internet users plan on shopping online this year, more than 69% of those shoppers will limit their online purchasing because of concerns about the possible misuse of their personal information.
The survey was conducted by San Francisco-based Truste, a nonprofit privacy organization, and market research firm TNS Global in New York. It found that privacy concerns would deter more than 40% of the respondents from buying from smaller online retailers, and about 22% said they will not be purchasing online at all.
The survey was conducted online between Oct. 27 and Nov. 1.
"There's definitely a reason for both consumers and merchants to feel more concerned" about data security and privacy issues compared with previous years, said John Pescatore, an analyst at Stamford, Conn.-based Gartner Inc.
For consumers, the biggest risks come from the increasing use of keystroke logging and password acquisition tools by hackers, Pescatore said. Such remote access tools allow cyber thieves to capture sensitive information such as credit card numbers from consumers who are doing business online, he said. A Gartner study in March showed that despite a higher awareness of phishing scams, a large number of consumers continue to be fooled into visiting Web sites that download such hacker tools.
Dan Clements, founder of Cardcops.com, a Malibu, Calif.-based company that enables consumers to check for stolen credit card numbers, said that the number of stolen credit cards and pieces of personally identifiable information appears to be growing. "There is a definite underground where you can buy and sell this stuff without the threat of law enforcement," he said.
Much of the stolen information appears to have been snagged through hacks into systems containing confidential data and from phishing scams, he said.
"Almost every day we see a new merchant being hacked" and information being stolen from their systems, said Clements, whose company scours known hacker sites, chat rooms and other online locations for stolen credit cards and personally identifiable bits of data.
Over the past three years, Cardcops has alerted more than 500 merchants about data compromises resulting from potential hacks into their systems. Clements said the company has also found more than 1 million stolen credit cards and between 7 million and 10 million pieces of personally identifiable information associated with those cards, such as last names and addresses, he said.


- Excel 2010 Cheat Sheet
- Register for this Computerworld Insider Cheat Sheet and gain access to hundreds of premium content articles, guides, product reviews and more.
- Security Strategies to Virtualizing Internet-Facing Applications
- The IT organization at Intel has set a goal to transition their enterprise to a private cloud for their Office and Enterprise applications....
- Cloud Security Planning Guide
- Cloud security considerations span protecting hardware and platform technologies in the data center to enabling regulatory compliance and defending cloud access through different...
- Cloud Security Vendor Round Table
- This vendor round table guide will help you to evaluate different cloud technology vendors and service providers based on a series of questions...
- Planning Guide - Technology for Tomorrow's Cloud
- This cloud planning guide will introduce you to data center technologies that address challenges of networking, storage, security, and power management. It's based...
- Cloud Security Insights for IT Strategic Planning
- The survey results of 200 IT professionals highlights the key business and technology drivers behind implementation plans, the importance of security, and the... All Security White Papers
- Live Webcast
Data Privacy and Protection in Production Environments: New Research from Ponemon Institute - Date: Wednesday, June 13, 2012, 1:00 PM EDT / 10:00 AM PDT
In a recent study conducted by Ponemon Institute, fifty-five percent of respondents... - Data Privacy and Protection in Production Environments: New Research from Ponemon Institute
- Date: Wednesday, June 13, 2012, 1:00 PM EDT / 10:00 AM PDT
In a recent study conducted by Ponemon Institute, fifty-five percent of respondents... - Security Certifications 101 - BlackBerry and all those acronyms what do they mean and why they matter?
- FIPS, Common Criteria, CAPS, AISEP, NFC, NIST, Fraunhofer SIT, CESG, DSD - these are just some of the government and industry certifications which...
- BlackBerry PlayBook OS 2.0 Security Overview
- The presentation provides an overview of BlackBerry PlayBook OS 2.0 security capabilities and features, including: BlackBerry® Balance™ technology, BlackBerry® Bridge, data-at-rest protection, and...
- BlackBerry NFC Security Overview
- The presentation on NFC security will provide an overview of the security protections built into the BlackBerry platform to protect users, application developers...
- Playing Defense: Staying on Top of Your Disaster Recovery Game
- When it comes to disaster recovery, rapidly growing data volumes, distributed computing models, and new technologies all combine to present an ever-changing playing... All Security Webcasts